From 220d5534d34c16d996dd3eb9c3dcc94591f5ded4 Mon Sep 17 00:00:00 2001 From: Brad Bishop Date: Tue, 14 Aug 2018 00:59:39 +0100 Subject: poky: sumo refresh 874976b..45ef387 Update poky to sumo HEAD. Alexander Kanavin (1): openssl: fix upstream version check for 1.0 version Andre McCurdy (19): openssl_1.1: avoid using += with an over-ride openssl_1.1: minor recipe formatting tweaks etc openssl_1.0: merge openssl10.inc into the openssl_1.0.2o.bb recipe openssl_1.0: minor recipe formatting tweaks etc openssl_1.0: drop curly brackets from shell local variables openssl_1.0: fix cryptodev-linux PACKAGECONFIG support openssl_1.0: drop leading "-" from no-ssl3 config option openssl_1.0: avoid running make twice for target do_compile() openssl: remove uclibc remnants openssl: support musl-x32 build openssl: minor indent fixes openssl_1.0: drop obsolete ca.patch openssl_1.0: drop obsolete exporting of AS, EX_LIBS and DIRS openssl_1.0: drop unmaintained darwin support openssl_1.0: add PACKAGECONFIG option to control manpages openssl_1.0: squash whitespace in CC_INFO openssl: fix missing dependency on hostperl-runtime-native openssl_1.0: drop unnecessary dependency on makedepend-native openssl_1.0: drop unnecessary call to perlpath.pl from do_configure() Andrej Valek (3): openssl-1.1: fix c_rehash perl errors openssl: update 1.0.2o -> 1.0.2p openssl: update 1.1.0h -> 1.1.0i Anuj Mittal (1): wic/qemux86: don't pass ip parameter to kernel in wks Changqing Li (1): unzip: fix CVE-2018-1000035 Hongxu Jia (2): nasm: fix CVE-2018-8883 & CVE-2018-8882 & CVE-2018-10316 patch: fix CVE-2018-6952 Jagadeesh Krishnanjanappa (19): libvorbis: CVE-2017-14160 CVE-2018-10393 libvorbis: CVE-2018-10392 flac: CVE-2017-6888 libarchive: CVE-2017-14503 libsndfile1: CVE-2017-14245 CVE-2017-14246 libsndfile1: CVE-2017-14634 coreutils: CVE-2017-18018 libgcrypt: CVE-2018-0495 git: CVE-2018-11235 gnupg: CVE-2018-12020 shadow: CVE-2018-7169 procps: CVE-2018-1124 python: CVE-2018-1000030 qemu: CVE-2018-7550 qemu: CVE-2018-12617 perl: CVE-2018-6798 perl: CVE-2018-6797 perl: CVE-2018-6913 perl: CVE-2018-12015 Joshua Watt (2): alsa-lib: Cleanup packaging swig: Remove superfluous python dependency Ovidiu Panait (1): openssl-nativesdk: Fix "can't open config file" warning Ross Burton (6): bzip2: use Yocto Project mirror for SRC_URI classes: sanity-check LIC_FILES_CHKSUM openssl: disable ccache usage unzip: fix symlink problem bitbake: utils/md5_file: don't iterate line-by-line bitbake: checksum: sanity check path when recursively checksumming Change-Id: I262a451f483cb276343ae6f02c272af053d33d7a Signed-off-by: Brad Bishop --- .../perl/perl/CVE-2018-12015.patch | 48 +++++++ .../recipes-devtools/perl/perl/CVE-2018-6797.patch | 45 ++++++ .../perl/perl/CVE-2018-6798-1.patch | 130 +++++++++++++++++ .../perl/perl/CVE-2018-6798-2.patch | 37 +++++ .../recipes-devtools/perl/perl/CVE-2018-6913.patch | 153 +++++++++++++++++++++ poky/meta/recipes-devtools/perl/perl_5.24.1.bb | 5 + 6 files changed, 418 insertions(+) create mode 100644 poky/meta/recipes-devtools/perl/perl/CVE-2018-12015.patch create mode 100644 poky/meta/recipes-devtools/perl/perl/CVE-2018-6797.patch create mode 100644 poky/meta/recipes-devtools/perl/perl/CVE-2018-6798-1.patch create mode 100644 poky/meta/recipes-devtools/perl/perl/CVE-2018-6798-2.patch create mode 100644 poky/meta/recipes-devtools/perl/perl/CVE-2018-6913.patch (limited to 'poky/meta/recipes-devtools/perl') diff --git a/poky/meta/recipes-devtools/perl/perl/CVE-2018-12015.patch b/poky/meta/recipes-devtools/perl/perl/CVE-2018-12015.patch new file mode 100644 index 000000000..a33deaff6 --- /dev/null +++ b/poky/meta/recipes-devtools/perl/perl/CVE-2018-12015.patch @@ -0,0 +1,48 @@ +From ae65651eab053fc6dc4590dbb863a268215c1fc5 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= +Date: Fri, 8 Jun 2018 11:45:40 +0100 +Subject: [PATCH] [PATCH] Remove existing files before overwriting them + +Archive should extract only the latest same-named entry. +Extracted regular file should not be writtent into existing block +device (or any other one). + +https://rt.cpan.org/Ticket/Display.html?id=125523 + +CVE: CVE-2018-12015 +Upstream-Status: Backport [https://github.com/jib/archive-tar-new/commit/ae65651eab053fc6dc4590dbb863a268215c1fc5] + +Signed-off-by: Chris 'BinGOs' Williams +Signed-off-by: Jagadeesh Krishnanjanappa +--- + lib/Archive/Tar.pm | 14 ++++++++++++++ + 1 file changed, 14 insertions(+) + +diff --git a/cpan/Archive-Tar/lib/Archive/Tar.pm b/cpan/Archive-Tar/lib/Archive/Tar.pm +index 6244369..a83975f 100644 +--- a/cpan/Archive-Tar/lib/Archive/Tar.pm ++++ b/cpan/Archive-Tar/lib/Archive/Tar.pm +@@ -845,6 +845,20 @@ sub _extract_file { + return; + } + ++ ### If a file system already contains a block device with the same name as ++ ### the being extracted regular file, we would write the file's content ++ ### to the block device. So remove the existing file (block device) now. ++ ### If an archive contains multiple same-named entries, the last one ++ ### should replace the previous ones. So remove the old file now. ++ ### If the old entry is a symlink to a file outside of the CWD, the new ++ ### entry would create a file there. This is CVE-2018-12015 ++ ### . ++ if (-l $full || -e _) { ++ if (!unlink $full) { ++ $self->_error( qq[Could not remove old file '$full': $!] ); ++ return; ++ } ++ } + if( length $entry->type && $entry->is_file ) { + my $fh = IO::File->new; + $fh->open( '>' . $full ) or ( +-- +2.13.3 + diff --git a/poky/meta/recipes-devtools/perl/perl/CVE-2018-6797.patch b/poky/meta/recipes-devtools/perl/perl/CVE-2018-6797.patch new file mode 100644 index 000000000..b56ebd3ea --- /dev/null +++ b/poky/meta/recipes-devtools/perl/perl/CVE-2018-6797.patch @@ -0,0 +1,45 @@ +From abe1e6c568b96bcb382dfa4f61c56d1ab001ea51 Mon Sep 17 00:00:00 2001 +From: Karl Williamson +Date: Fri, 2 Feb 2018 15:14:27 -0700 +Subject: [PATCH] (perl #132227) restart a node if we change to uni rules + within the node and encounter a sharp S + +This could lead to a buffer overflow. + +(cherry picked from commit a02c70e35d1313a5f4e245e8f863c810e991172d) + +CVE: CVE-2018-6797 +Upstream-Status: Backport [https://perl5.git.perl.org/perl.git/commitdiff/abe1e6c568b96bcb382dfa4f61c56d1ab001ea51] + +Signed-off-by: Jagadeesh Krishnanjanappa +--- + regcomp.c | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +diff --git a/regcomp.c b/regcomp.c +index 3b9550b10d..a7dee9a09e 100644 +--- a/regcomp.c ++++ b/regcomp.c +@@ -13543,6 +13543,18 @@ S_regatom(pTHX_ RExC_state_t *pRExC_state, I32 *flagp, U32 depth) + * /u. This includes the multi-char fold SHARP S to + * 'ss' */ + if (UNLIKELY(ender == LATIN_SMALL_LETTER_SHARP_S)) { ++ ++ /* If the node started out having uni rules, we ++ * wouldn't have gotten here. So this means ++ * something in the middle has changed it, but ++ * didn't think it needed to reparse. But this ++ * sharp s now does indicate the need for ++ * reparsing. */ ++ if (RExC_uni_semantics) { ++ p = oldp; ++ goto loopdone; ++ } ++ + RExC_seen_unfolded_sharp_s = 1; + maybe_exactfu = FALSE; + } +-- +2.15.1-424-g9478a660812 + + diff --git a/poky/meta/recipes-devtools/perl/perl/CVE-2018-6798-1.patch b/poky/meta/recipes-devtools/perl/perl/CVE-2018-6798-1.patch new file mode 100644 index 000000000..34771624f --- /dev/null +++ b/poky/meta/recipes-devtools/perl/perl/CVE-2018-6798-1.patch @@ -0,0 +1,130 @@ +From 0abf1e8d89aecd32dbdabda5da4d52a2d57a7cff Mon Sep 17 00:00:00 2001 +From: Karl Williamson +Date: Tue, 6 Feb 2018 14:50:48 -0700 +Subject: [PATCH] [perl #132063]: Heap buffer overflow + +The proximal cause is several instances in regexec.c of the code +assuming that the input was valid UTF-8, whereas the input was too short +for what the start byte claimed it would be. + +I grepped through the core for any other similar uses, and did not find +any. + +(cherry picked from commit fe7d8ba0a1bf567af8fa8fea128e2b9f4c553e84) + +CVE: CVE-2018-6798 +Upstream-Status: Backport [https://perl5.git.perl.org/perl.git/patch/0abf1e8d89aecd32dbdabda5da4d52a2d57a7cff] + +Signed-off-by: Jagadeesh Krishnanjanappa +--- + regexec.c | 29 ++++++++++++++++------------- + t/lib/warnings/regexec | 7 +++++++ + 2 files changed, 23 insertions(+), 13 deletions(-) + +diff --git a/regexec.c b/regexec.c +index 5735b997fd..ea432c39d3 100644 +--- a/regexec.c ++++ b/regexec.c +@@ -1466,7 +1466,9 @@ Perl_re_intuit_start(pTHX_ + ? trie_utf8_fold \ + : trie_latin_utf8_fold))) + +-#define REXEC_TRIE_READ_CHAR(trie_type, trie, widecharmap, uc, uscan, len, uvc, charid, foldlen, foldbuf, uniflags) \ ++/* 'uscan' is set to foldbuf, and incremented, so below the end of uscan is ++ * 'foldbuf+sizeof(foldbuf)' */ ++#define REXEC_TRIE_READ_CHAR(trie_type, trie, widecharmap, uc, uc_end, uscan, len, uvc, charid, foldlen, foldbuf, uniflags) \ + STMT_START { \ + STRLEN skiplen; \ + U8 flags = FOLD_FLAGS_FULL; \ +@@ -1474,7 +1476,7 @@ STMT_START { + case trie_flu8: \ + _CHECK_AND_WARN_PROBLEMATIC_LOCALE; \ + if (utf8_target && UTF8_IS_ABOVE_LATIN1(*uc)) { \ +- _CHECK_AND_OUTPUT_WIDE_LOCALE_UTF8_MSG(uc, uc + UTF8SKIP(uc)); \ ++ _CHECK_AND_OUTPUT_WIDE_LOCALE_UTF8_MSG(uc, uc_end - uc); \ + } \ + goto do_trie_utf8_fold; \ + case trie_utf8_exactfa_fold: \ +@@ -1483,7 +1485,7 @@ STMT_START { + case trie_utf8_fold: \ + do_trie_utf8_fold: \ + if ( foldlen>0 ) { \ +- uvc = utf8n_to_uvchr( (const U8*) uscan, UTF8_MAXLEN, &len, uniflags ); \ ++ uvc = utf8n_to_uvchr( (const U8*) uscan, foldlen, &len, uniflags ); \ + foldlen -= len; \ + uscan += len; \ + len=0; \ +@@ -1500,7 +1502,7 @@ STMT_START { + /* FALLTHROUGH */ \ + case trie_latin_utf8_fold: \ + if ( foldlen>0 ) { \ +- uvc = utf8n_to_uvchr( (const U8*) uscan, UTF8_MAXLEN, &len, uniflags ); \ ++ uvc = utf8n_to_uvchr( (const U8*) uscan, foldlen, &len, uniflags ); \ + foldlen -= len; \ + uscan += len; \ + len=0; \ +@@ -1519,7 +1521,7 @@ STMT_START { + } \ + /* FALLTHROUGH */ \ + case trie_utf8: \ +- uvc = utf8n_to_uvchr( (const U8*) uc, UTF8_MAXLEN, &len, uniflags ); \ ++ uvc = utf8n_to_uvchr( (const U8*) uc, uc_end - uc, &len, uniflags ); \ + break; \ + case trie_plain: \ + uvc = (UV)*uc; \ +@@ -2599,10 +2601,10 @@ S_find_byclass(pTHX_ regexp * prog, const regnode *c, char *s, + } + points[pointpos++ % maxlen]= uc; + if (foldlen || uc < (U8*)strend) { +- REXEC_TRIE_READ_CHAR(trie_type, trie, +- widecharmap, uc, +- uscan, len, uvc, charid, foldlen, +- foldbuf, uniflags); ++ REXEC_TRIE_READ_CHAR(trie_type, trie, widecharmap, uc, ++ (U8 *) strend, uscan, len, uvc, ++ charid, foldlen, foldbuf, ++ uniflags); + DEBUG_TRIE_EXECUTE_r({ + dump_exec_pos( (char *)uc, c, strend, + real_start, s, utf8_target, 0); +@@ -5511,8 +5513,9 @@ S_regmatch(pTHX_ regmatch_info *reginfo, char *startpos, regnode *prog) + if ( base && (foldlen || uc < (U8*)(reginfo->strend))) { + I32 offset; + REXEC_TRIE_READ_CHAR(trie_type, trie, widecharmap, uc, +- uscan, len, uvc, charid, foldlen, +- foldbuf, uniflags); ++ (U8 *) reginfo->strend, uscan, ++ len, uvc, charid, foldlen, ++ foldbuf, uniflags); + charcount++; + if (foldlen>0) + ST.longfold = TRUE; +@@ -5642,8 +5645,8 @@ S_regmatch(pTHX_ regmatch_info *reginfo, char *startpos, regnode *prog) + while (foldlen) { + if (!--chars) + break; +- uvc = utf8n_to_uvchr(uscan, UTF8_MAXLEN, &len, +- uniflags); ++ uvc = utf8n_to_uvchr(uscan, foldlen, &len, ++ uniflags); + uscan += len; + foldlen -= len; + } +diff --git a/t/lib/warnings/regexec b/t/lib/warnings/regexec +index 900dd6ee7f..6635142dea 100644 +--- a/t/lib/warnings/regexec ++++ b/t/lib/warnings/regexec +@@ -260,3 +260,10 @@ setlocale(&POSIX::LC_CTYPE, $utf8_locale); + "k" =~ /(?[ \N{KELVIN SIGN} ])/i; + ":" =~ /(?[ \: ])/; + EXPECT ++######## ++# NAME perl #132063, read beyond buffer end ++# OPTION fatal ++"\xff" =~ /(?il)\x{100}|\x{100}/; ++EXPECT ++Malformed UTF-8 character: \xff (too short; 1 byte available, need 13) in pattern match (m//) at - line 2. ++Malformed UTF-8 character (fatal) at - line 2. +-- +2.15.1-424-g9478a660812 + diff --git a/poky/meta/recipes-devtools/perl/perl/CVE-2018-6798-2.patch b/poky/meta/recipes-devtools/perl/perl/CVE-2018-6798-2.patch new file mode 100644 index 000000000..fb9b41a5e --- /dev/null +++ b/poky/meta/recipes-devtools/perl/perl/CVE-2018-6798-2.patch @@ -0,0 +1,37 @@ +From f65da1ca2eee74696d9c120e9d69af37b4fa1920 Mon Sep 17 00:00:00 2001 +From: Tony Cook +Date: Mon, 19 Feb 2018 15:11:42 +1100 +Subject: [PATCH] (perl #132063) we should no longer warn for this code + +The first patch for 132063 prevented the buffer read overflow when +dumping the warning but didn't fix the underlying problem. + +The next change treats the supplied buffer correctly, preventing the +non-UTF-8 SV from being treated as UTF-8, preventing the warning. + +(cherry picked from commit 1e8b61488f195e1396aa801c685340b156104f4f) + +CVE: CVE-2018-6798 +Upstream-Status: Backport [https://perl5.git.perl.org/perl.git/commitdiff/f65da1ca2eee74696d9c120e9d69af37b4fa1920] + +Signed-off-by: Jagadeesh Krishnanjanappa +--- + t/lib/warnings/regexec | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/t/lib/warnings/regexec b/t/lib/warnings/regexec +index 6635142dea..c370ddc3c7 100644 +--- a/t/lib/warnings/regexec ++++ b/t/lib/warnings/regexec +@@ -262,8 +262,5 @@ setlocale(&POSIX::LC_CTYPE, $utf8_locale); + EXPECT + ######## + # NAME perl #132063, read beyond buffer end +-# OPTION fatal + "\xff" =~ /(?il)\x{100}|\x{100}/; + EXPECT +-Malformed UTF-8 character: \xff (too short; 1 byte available, need 13) in pattern match (m//) at - line 2. +-Malformed UTF-8 character (fatal) at - line 2. +-- +2.15.1-424-g9478a660812 + diff --git a/poky/meta/recipes-devtools/perl/perl/CVE-2018-6913.patch b/poky/meta/recipes-devtools/perl/perl/CVE-2018-6913.patch new file mode 100644 index 000000000..157af7bf9 --- /dev/null +++ b/poky/meta/recipes-devtools/perl/perl/CVE-2018-6913.patch @@ -0,0 +1,153 @@ +From f17fed5006177dce8ac48229c424a2da0d6ba492 Mon Sep 17 00:00:00 2001 +From: Tony Cook +Date: Tue, 8 Aug 2017 09:32:58 +1000 +Subject: [PATCH] (perl #131844) fix various space calculation issues in + pp_pack.c + +- for the originally reported case, if the start/cur pointer is in the + top 75% of the address space the add (cur) + glen addition would + overflow, resulting in the condition failing incorrectly. + +- the addition of the existing space used to the space needed could + overflow, resulting in too small an allocation and a buffer overflow. + +- the scaling for UTF8 could overflow. + +- the multiply to calculate the space needed for many items could + overflow. + +For the first case, do a space calculation without making new pointers. + +For the other cases, detect the overflow and croak if there's an +overflow. + +Originally this used Size_t_MAX as the maximum size of a memory +allocation, but for -DDEBUGGING builds realloc() throws a panic for +allocations over half the address space in size, changing the error +reported for the allocation. + +For non-DEBUGGING builds the Size_t_MAX limit has the small chance +of finding a system that has 3GB of contiguous space available, and +allocating that space, which could be a denial of servce in some cases. + +Unfortunately changing the limit to half the address space means that +the exact case with the original issue can no longer occur, so the +test is no longer testing against the address + length issue that +caused the original problem, since the allocation is failing earlier. + +One option would be to change the test so the size request by pack is +just under 2GB, but this has a higher (but still low) probability that +the system has the address space available, and will actually try to +allocate the memory, so let's not do that. + +Note: changed +plan tests => 14713; +to +plan tests => 14712; +in a/t/op/pack.t +to apply this patch on perl 5.24.1. + +CVE: CVE-2018-6913 +Upstream-Status: Backport [https://perl5.git.perl.org/perl.git/commitdiff/f17fed5006177dce8ac48229c424a2da0d6ba492] + +Signed-off-by: Jagadeesh Krishnanjanappa +--- + pp_pack.c | 25 +++++++++++++++++++++---- + t/op/pack.t | 24 +++++++++++++++++++++++- + 2 files changed, 44 insertions(+), 5 deletions(-) + +diff --git a/pp_pack.c b/pp_pack.c +index 8937d6d715..5e9cc64301 100644 +--- a/pp_pack.c ++++ b/pp_pack.c +@@ -357,11 +357,28 @@ STMT_START { \ + } \ + } STMT_END + ++#define SAFE_UTF8_EXPAND(var) \ ++STMT_START { \ ++ if ((var) > SSize_t_MAX / UTF8_EXPAND) \ ++ Perl_croak(aTHX_ "%s", "Out of memory during pack()"); \ ++ (var) = (var) * UTF8_EXPAND; \ ++} STMT_END ++ ++#define GROWING2(utf8, cat, start, cur, item_size, item_count) \ ++STMT_START { \ ++ if (SSize_t_MAX / (item_size) < (item_count)) \ ++ Perl_croak(aTHX_ "%s", "Out of memory during pack()"); \ ++ GROWING((utf8), (cat), (start), (cur), (item_size) * (item_count)); \ ++} STMT_END ++ + #define GROWING(utf8, cat, start, cur, in_len) \ + STMT_START { \ + STRLEN glen = (in_len); \ +- if (utf8) glen *= UTF8_EXPAND; \ +- if ((cur) + glen >= (start) + SvLEN(cat)) { \ ++ STRLEN catcur = (STRLEN)((cur) - (start)); \ ++ if (utf8) SAFE_UTF8_EXPAND(glen); \ ++ if (SSize_t_MAX - glen < catcur) \ ++ Perl_croak(aTHX_ "%s", "Out of memory during pack()"); \ ++ if (catcur + glen >= SvLEN(cat)) { \ + (start) = sv_exp_grow(cat, glen); \ + (cur) = (start) + SvCUR(cat); \ + } \ +@@ -372,7 +389,7 @@ STMT_START { \ + STMT_START { \ + const STRLEN glen = (in_len); \ + STRLEN gl = glen; \ +- if (utf8) gl *= UTF8_EXPAND; \ ++ if (utf8) SAFE_UTF8_EXPAND(gl); \ + if ((cur) + gl >= (start) + SvLEN(cat)) { \ + *cur = '\0'; \ + SvCUR_set((cat), (cur) - (start)); \ +@@ -2126,7 +2143,7 @@ S_pack_rec(pTHX_ SV *cat, tempsym_t* sym + if (props && !(props & PACK_SIZE_UNPREDICTABLE)) { + /* We can process this letter. */ + STRLEN size = props & PACK_SIZE_MASK; +- GROWING(utf8, cat, start, cur, (STRLEN) len * size); ++ GROWING2(utf8, cat, start, cur, size, (STRLEN)len); + } + } + +diff --git a/t/op/pack.t b/t/op/pack.t +index 664aaaf1b0..cf0e286509 100644 +--- a/t/op/pack.t ++++ b/t/op/pack.t +@@ -12,7 +12,7 @@ my $no_endianness = $] > 5.009 ? '' : + my $no_signedness = $] > 5.009 ? '' : + "Signed/unsigned pack modifiers not available on this perl"; + +-plan tests => 14712; ++plan tests => 14717; + + use strict; + use warnings qw(FATAL all); +@@ -2044,3 +2044,25 @@ ok(1, "argument underflow did not crash" + is(pack("H40", $up_nul), $twenty_nuls, + "check pack H zero fills (utf8 source)"); + } ++ ++SKIP: ++{ ++ # [perl #131844] pointer addition overflow ++ $Config{ptrsize} == 4 ++ or skip "[perl #131844] need 32-bit build for this test", 4; ++ # prevent ASAN just crashing on the allocation failure ++ local $ENV{ASAN_OPTIONS} = $ENV{ASAN_OPTIONS}; ++ $ENV{ASAN_OPTIONS} .= ",allocator_may_return_null=1"; ++ fresh_perl_like('pack "f999999999"', qr/Out of memory during pack/, { stderr => 1 }, ++ "pointer addition overflow"); ++ ++ # integer (STRLEN) overflow from addition of glen to current length ++ fresh_perl_like('pack "c10f1073741823"', qr/Out of memory during pack/, { stderr => 1 }, ++ "integer overflow calculating allocation (addition)"); ++ ++ fresh_perl_like('pack "W10f536870913", 256', qr/Out of memory during pack/, { stderr => 1 }, ++ "integer overflow calculating allocation (utf8)"); ++ ++ fresh_perl_like('pack "c10f1073741824"', qr/Out of memory during pack/, { stderr => 1 }, ++ "integer overflow calculating allocation (multiply)"); ++} +-- +2.15.1-424-g9478a660812 + diff --git a/poky/meta/recipes-devtools/perl/perl_5.24.1.bb b/poky/meta/recipes-devtools/perl/perl_5.24.1.bb index 91f310d42..5fed8965c 100644 --- a/poky/meta/recipes-devtools/perl/perl_5.24.1.bb +++ b/poky/meta/recipes-devtools/perl/perl_5.24.1.bb @@ -66,6 +66,11 @@ SRC_URI += " \ file://perl-5.26.1-guard_old_libcrypt_fix.patch \ file://CVE-2017-12883.patch \ file://CVE-2017-12837.patch \ + file://CVE-2018-6798-1.patch \ + file://CVE-2018-6798-2.patch \ + file://CVE-2018-6797.patch \ + file://CVE-2018-6913.patch \ + file://CVE-2018-12015.patch \ " # Fix test case issues -- cgit v1.2.3